<?php
namespace app\middleware;

class Cors
{
    public function handle($request, \Closure $next)
    {
        $allowOrigin = $request->header('origin');
        $allowHeaders = 'X-Requested-With, Content-Type, Authorization,Api-Auth,';
        $allowMethods = 'GET, POST, PUT, DELETE, PATCH, OPTIONS';

        header("Access-Control-Allow-Origin: ".$allowOrigin);
        header("Access-Control-Allow-Headers: ".$allowHeaders);
        header("Access-Control-Allow-Methods: ".$allowMethods);

        return $next($request);
    }
}